Posted
by
samzenpus
on Wednesday September 20, 2006 @04:17PM
from the fraud-is-easy dept.

Ben Rothke writes "In an important new book Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting, Avi Rubin writes 'too often in American life, when it comes to divisive issues, the facts can be less important than the weight of public opinion'. That basically sums up Rubin's story in this fascinating story of his frustrations in dealing with government and corporate officials in his quest to show that e-voting was not as secure as it was originally made out to be." Read the rest of Ben's review.

Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting

author

Aviel Rubin

pages

272

publisher

Morgan Road Books

rating

10

reviewer

Ben Rothke

ISBN

0767922107

summary

Electronic voting systems are being deployed with inadequate levels of trust and security

Brave New Ballot (BNB) is Rubin's story of how in 2003, he and his graduate students at Johns Hopkins University demonstrated that the Diebold Election Systems electronic voting technology in wide use was full of security problems. It was just in 2002 that Sherron Watkins of Enron was named Time magazine person of the year for her work in uncovering fraud at Enron. It would have been thought that Rubin's work would have immediately won him some sort of patriot of the year award for his work.

While the accolades were indeed many, his team's research was maligned as being that of a homework assignment, and the Administrator for Elections for the state of Maryland (where Rubin lives and works) publicly stated that 'computer scientists (a direct reference to Rubin and his team) who question the security of electronic voting machines are undermining our democracy.' Such a scenario makes up much of the story that the book tells in Rubin's team's efforts to blow the whistle on unsecure e-voting machines.

As to the Administrator for Elections for the state of Maryland and her disdain for computer scientists, she would likely find constituents such as the zombie-like Stepford wives more to her liking. Unfortunately, she ended up with Professor Rubin.

It is not that secure electronic voting is inherently unattainable. Rather, nearly all of the commercial solutions that have shipped to date have not been adequate designed with security in mind. This is due to many factors, some of which are that the makers of these devices do not completely understand the security risks and countermeasures, in addition to public officials who are far too trusting of these commercial e-voting vendors.

The early chapters of the book detail how Rubin's team analyzed the security and cryptography used within extremely sloppy coding of the Diebold Accuvote-TS director recording electronic device. One particularly humorous incident is when the Diebold programmers reference Bruce Schneier's Applied Cryptography in their C++ code for their decision of which algorithm to use of a for pseudorandom number generation. The only problem is that Applied Cryptography states that the specific algorithm they used should specifically not be utilized for random number generation. Rubin comically states about that incident that Diebold should have consulted with Schneier, rather than have their staff misunderstand what they read in his book.

I had a similar frustrating incident when consulting on an e-voting systems some years ago. The lead developer (who obviously was no expert in cryptography) documented that the e-voting system used 120-bit encryption. Upon analysis, we found that the system was using 40-bit encryption. When countered about that, the developer replied that they perform the 40-bit encryption routine three times using the same key, for an effective 120-bit key length. Of course, 40-bit encryption will always be (insecure) 40-bit encryption, no matter how many iterations he put it through; but it is frightening that he did not know that.

After his team presented their report in 2003, Rubin writes in detail how Diebold started a smear campaign against him. Not only was it Diebold, but also election officials in municipalities that had deployed the Accuvote-TS system that also maligned Rubin. This was done primarily by misinterpreting his objections, and also by refusing to pay attention to other independent reports on the insecurity of the devices.

Being a whistle-blower always takes a toll on a person and Rubin was no different. He work on e-voting consumed him and took a toll on his family, career and his students. The book chronicles how Rubin found himself caught in a crossfire between big business, partisan politics, and overworked election officials. Rubin also found himself between the crosshairs of the ITAA (Information Technology Association of America), powerful vendor-based lobbying group. The ITAA, of which Diebold was a client, attempted to discredit him on many occasions, but their evidence was always weak and reckless, and in the end only served to bolster Rubin's claims against the Diebold systems.

Part of the absurd claims of the ITAA was that the open-source movement is using the issue of e-voting security to wage a 'religious war' that pits open-source software against proprietary software. Rubin could have filed chapters with similar ITAA absurdities, but wisely chose not to.

Similarly, an article I wrote 'E-Voting: It's Security, Stupid' also was the recipient of the wrathful ITAA reply. In their so-called rebuttal mistakenly titled 'E-Voting Does Work', Harris Miller of the ITAA follows his modus operandi of first attacking the person, avoiding the issue, stating vague meaningless comments, and concluding the issue by missing the point.

99% of the voting public does not know about backdoors, insecure code, Trojan Horses, insider threats, and scores of other security issues that the e-voting vendors have yet failed to fully address. The election process as we know it is rapidly being migrated to these electronic voting machines that are replacing the older, but more reliable mechanical systems.

BNB is a timely and important book as it details the very real defects on which these e-voting systems are built on (and Windows is only one of them). The ITAA made claims such that the only vulnerability within e-voting is that of a rogue programmer conspiring to steal public office. Such politicking only serves to confuse the issue for a public that is inherently trustful of these voting machines. Yet if these e-voting machines were built to the same stringencies and regulations that the aviation and pharmaceutical industry faces, they would never make it within a mile of a voting booth.

Brave New Ballot is to e-voting what Rachel Carson's Silent Spring is to the global environmental movement. It is a vitally important book that details the problem of e-voting and what can be done in the future to make certain that it can one day be carried out in a secure manner.

Of course, the image of an embedded crypto key or plaintext password in an e-voting system does not convey the same impact on the public as that of a thalidomide baby. Pictures of thalidomide babies caused heads to roll at the FDA, and one should hope the that the publication of Brave New Ballot will awaken the public from their slumber on the topic of electronic voting, and encourage the Election Assistance Commission to immediately ban electronic voting until it can be secured.

Deforest Soaries, the first Chairman of the United States Election Assistance Commission sums it up best when he states 'If the integrity of our sacred right of voting is less important than partisan politics, corporate interests, or bureaucratic systems, then shame on us for presenting ourselves as the global standard bearers of democracy. As Brave New Ballot shows, there is a lot of shame going around.

but surely in a democracy, public opinion is more important than anything else, it is how we elect officials. Therefore the concern should be how we educate the public to the facts to allow a fully educated public opinion rather than try to replace the opinion with fact.

And what if, the IQ of the majority of the public, falls below the bell curve? Preventing them from being educated properly as to the issues beyond 10 second sound bites? In a society where popular culture rewards dumbness?

Back that up. By definition, half has an IQ below median, but if we had one guy with a very low negative IQ (e.g. -100000000000000000000), 90% of us could be above average.

-There is no such thing as a "negative IQ".

-IQ is scaled such that it is gaussian around a certain mean. Half the people tested are below the average by definition of IQ. If you ever test a distribution that is not gaussian, then you are not testing IQ but something else.

What f***ing 'democracy'?
The people no more rule in America than anywhere else.
What's the percentage of adults registered to vote? 60%?
Of course, that goes much higher if you ask about the %age of middle-class adults...
Democracy? Who owns the land? Why does 95% of the population live in urban areas?
Give me a break.

In a freedom-loving society, public opinion is most certainly not important than everything else. In the 1950s and 60s, the overwhelming majority of people in many southern states believed in racial segregation and other discriminatory laws (e.g. the bus seating law Rosa Parks was arrested under.) That didn't make any of it right or beneficial for the country as a whole. Most democracies do have provisions to override the will of the people (in this case, the judicial system) and this are absolutely vita

>but surely in a democracy, public opinion is more important than anything else

That's why the US Constitution puts so many circuit breakers between public opinion and government power. If some mass hysteria lasts for two years it will replace the entire House but only a third of the Senate. It takes decades of consistent public feeling to make a big change in the judiciary.

Indirecting the popular will through legislators is another safeguard against mob rule.

Or, sociologically, the U.S. could be as conformist a culture as the bulk of societies on the planet and our rebellious, freedom-loving image may be as thin as a pair of gap jeans and as solid as a truck commercial. Other cultures have needed some powerful propaganda from Hollywood to change -- and are they happier for it?

Of American IT. As the article above states: Similarly, an article I wrote 'E-Voting: It's Security, Stupid' also was the recipient of the wrathful ITAA reply. In their so-called rebuttal mistakenly titled 'E-Voting Does Work', Harris Miller of the ITAA follows his modus operandi of first attacking the person, avoiding the issue, stating vague meaningless comments, and concluding the issue by missing the point.

Yep, that's exactly been my experience with the ITAA- they're not so much interested in facts

I really don't get this computerize everything mentality. Here in Minnesota, we use optical scan ballots. They're large, easy to read, easy to see if they've been marked correctly. If you make an invalid vote, the machine rejects it immediately so you can make a change. It spits out a tally at the end of the day and all the ballots are saved for easy auditing of results. It works; people get it.

Yeah, but that's in Minnesota where you've got what, maybe 2 million ballots to store after an election? That takes up what, a pallet or two in a warehouse? Now try multiplying it by 100, and you get the nationwide votes if everybody voted. The whole idea of computerized voting is to expand the vote by use of technology, kind of like Oregon's mail in ballots but eventually over the internet. Or at least that's the dream.

In the meantime though, there's all sorts of other issues that need consideration-

That takes up what, a pallet or two in a warehouse? Now try multiplying it by 100, and you get the nationwide votes if everybody voted

So what? You can distribute the storage just as you can distribute human-handled vote-counting. In fact, counting vote is one of those few extremely parallelizable, highly scalable operations. That's why democracy and paper ballots work in a country like India, with 1 billion citizens and more potential voters than the total US population.

(devil's advocate)The error rate and fraud vulnerability for paper is high enough that if, for example, the OpenBSD team designed a system it could actually work better.Boxes of paper ballots from opposition precincts can suffer "accidents", the people counting can "misunderstand" a ballot, and there's a dreary list of other ways to cheat.

Now imagine a computer in a locked case that digitally signs the count and posts it to Usenet via a time stamping service. Good luck tampering with that result after the f

Dude, you missed the point there at the end. Okay, sure, an unscrupulous poll worker could reprogram the machine to silently reject certain votes. But, at the end of the day, when an anomaly is found (and, they're found even where they don't exist, so it will be found), the paper ballot still exists and can be hand counted. Without the machine.

In the meantime though, there's all sorts of other issues that need consideration- especially in the area of recounts and tampering with the machines. Your optical scan ballots are the same- there's nothing, for instance, to stop an unscrupulous worker from reprogramming the machine to reject votes for Democrats without showing the error.

Ah, but while the machines may be reprogrammed there's still a paper receipt the electronic results can be compared to and validated. Since the ballots are good enough

Election officials and those they work for don't want the voting machines to be secure, nor do they want them to generate an audit trail. They want to be able to silently steal elections. They want to become the New Ruling Class.

Real democracy brings instability to the government. It's the very nature of democracy. These people don't want instability -- they want stability, which means they want to be in charge and to remain in charge. They don't want to serve the people. They want to serve thems

Funny thing is each state has several districts each one having its own election officials of which some are republican some are democrats, and they often disagree on many issues. It doesn't seem likly that these groups would work together, but its possible.Interesting story, where I live the election supervisor was trying to find an electronic voting machine that provided a paper backup. He found some but the state refused to allow it because it was not a state approved vendor. All the state approved vendo

Was not the same thing being told by Stalin to the Russians...something like..."We need to find the enemy among us who are supporting the imperialists and undermining the success of the revolution. So trust us and you have nothing to fear if you are not the enemy "

Sometimes I feel like I'm in one of those Star Trek episodes where nothing makes sense and it turns out to be psychological testing by aliens.

According to my government officials,- a decorated Marine colonel is a "coward'- ayone who agrees with the Army War College about Iraq is an appeaser- people who uphold oaths to defend the Constitution "only aid the terrorists"- and people who work for honest elections "undermine democracy".

Why the hell do you want to take a recipt out the door with you? That's a terrible idea.

A much better idea is to have it print out a short slip with your choices clearly printed on there. You then drop that slip in a box on the way out and if there is any question as to the accuracy of the machines the pollworkers just have to crack open the box and go through all of the recipts. After the voting is complete and the elections are done, a few random counties should have their boxes double checked as well, just to verify that nothing is screwey with any of the electronic tabluation equipment.

Actually, if the solution is designed correctly, the voter should be able to leave the location assured that their vote has been registered correctly. Preferably, they'll get a receit with an id on it that they can enter on a website to make sure their vote made it all the way through and was correctly tallied.

Since the unique ID does not need to be traceable, it would not mean a loss of privacy. But it WOULD mean that the voters for the first time in history had the power to discover fraud.

All it would mean is the fraudster would have to modify votes in a specific way (perhaps keyed on a hash by the voter number) such that the website would report whatever the user specified isntead of what was actually counted.

Also, you'd have thugs following you home checking your number against the web site to make sure you voted their way. No thanks.

Why the hell do you want to take a recipt out the door with you?
Well duh! Obviously so that you exchange the receipt for an iPod when you turn it in to the Democrat Party to prove you voted for their candidate.;)

The solution to E-ballots can be stated in 3 simple steps1) Each vote is recorded onto an optically sortable paper ballot, with human readable votes2) The ballots are mechanically sorted into piles based on the optical marks3) The ballots are mechanically counted one pile at a time.

Sure, it means three machines to do the work that other e-voting companies claim to do with 1, but look at what happens:

1) The voting booth is now simply a frontend. People select what they're voting for, and a piece of paper co

Today we received the outcome of a local election. Here in Oregon we "Vote By Mail" so since we are free from the risks of electronic ballots, other means must be found to "be creative". Some of the highlights of my experience:First this election had no fanfare, no media emphasis, it just showed up in the mail one day... AS the subject dealt with increases to city coffers it is understandable the want as few people discussing it ahead of time.Next a large format postcard shows saying "Uh oh! we maile

Bad idea, very bad idea. Receipts showing how someone voted were gotten rid of where they were tried because the voter's boss, mafia don, or thug could demand the voter hand over the receipt to make sure they voted the way they were instructed to vote. Simply receipts take away anonymity.

As far as I see the biggest problem here is that people are making money out of running an election and will do a lot of things to keep getting the money. Putting in procedures to limit the chance of corruption cuts their profits assuming that there is no criminal intent whatsoever . I really think the processes of democratic elections should be the responsibility for the state with the prime motivation being to get it done properly and transparently instead of making a buck. I am also cynical enough to

He was on all of the local (Baltimore) news programs (and some national ones, too, I think) last week after the Maryland debacle -er- primary. Didn't catch any of them myself, but I'm sure they were good. Also note, check out his blog [blogspot.com] regularly if the e-voting issue interests you.

It seems based on the review that the best way to win "The Battle to Safeguard Democracy in the Age of Electronic Voting" would be to, you know, not be in the age of electronic voting. You know, not electronically vote. There's no way the cost savings can justify all the new opportunities for cheating that it allows.

Of course, I wouldn't be satisfied by anything but publishing the voters' choices. Not by name -- give them an anonymous unique voter ID so that they look at the database, they can say "ah, they got mine right".

Of course, I wouldn't be satisfied by anything but publishing the voters' choices. Not by name -- give them an anonymous unique voter ID so that they look at the database, they can say "ah, they got mine right".

Not good enough: They might give all the people expected to vote for the Democratic candidate the same voter ID. If any of those people end up voting republican, the only visible discrepancy would be that some Republican votes were counted as Democratic -- which obviously wouldn't be considered caus

Of course, I wouldn't be satisfied by anything but publishing the voters' choices. Not by name -- give them an anonymous unique voter ID so that they look at the database, they can say "ah, they got mine right".

And then, as you leave the polling place, a big guy mugs you, copies down your 'anonymous' voter ID along with your name (or just steals the voter ID and your ID), and delivers it to his boss. Hope you voted for the person they wanted you to... or else! In other words, you've just opened up the voting public to bullying.

"OVC is great, but I'm still putting too much trust in others without publicly auditable records."Please go read what OVC proposes. They advocate a multi-layered approach, so that you don't have to trust any official or vendor, but the system as a whole can be composed of untrusted, self-inteterested parties and still produce a trustable result.

They advocate open source software because it's open to inspection, can be provided by multiple competing vendors, etc. They also advocate voter verified paper ballo

the Administrator for Elections for the state of Maryland (where Rubin lives and works) publicly stated that 'computer scientists (a direct reference to Rubin and his team) who question the security of electronic voting machines are undermining our democracy.'

Our democracy has existed for 230 years. Electronic voting do little to nothing to expand democracy. What they do expand is the possibilities for hard to detect fraud -- something which *does* undermine our democracy.

but rarely on the method used to determine the winner. Plurality, to put it bluntly, sucks. Instant Runoff Voting is only marginally better. If we were smart, we'd either go with Approval -- just replace "Vote for one" with "Vote for one or more", so it's no more difficult -- or with a Condorcet method (which uses the same ballots as IRV without some of the more annoying paradoxes).

Only for presidential election. For the senate/congress, the problem is completly different. Having seperate elections for each spot in senate/congress is a terrible mistake. At first it may seem like a good way to get representation from every part of the country, but it completly fails in regards to representing the will of the people. Imagine a 3rd party that evenly has 20% of the votes across the country. It will end up without a single spot in the senate or the congress.If the less populated states fee

There was no book review here, just the "reviewer"s aimless ramblings and anecdotes relating to the topic of the book. He does little if anything to actually, you know, REVIEW THE BOOK. Nice to see that spellchecking is still not a priority though.

The reviewer obviously read the book in detail and wrote about it, what is your problem?
Do you prefer that style or this style:
Book X is a (good/bad) book.
In chapter 1, bla bla bla.
In chapter 2, bla bla bla.
In chapter 3, bla bla bla.
In chapter 4, bla bla bla.
In chapter 5, bla bla bla.
The conclusion states bla bla bla.
Therefore, Book X is a (good/bad) book.

>>>There's nothing to indicate that he did read the book actually.
Give me a break! Should we have a note from his mommy stating he REALLY read it??
>>There is almost nothing even about the book at all. Its just the "reviewer"s opinions on the topic of electronic voting and the security and fraud issues surrounding it. Book reviews are not soap boxes, if you want to post journal entries do it in your journal, not in a book review.
This is/. We all pontificate.
It is obvious he read it.

Paper ballots? How quaint!.. The Floridian "poor", you see, were disproportionatly confused by them — much easier to have them use computers, which even a retired librarian, overseing the voting station on election day, will be able fix and to spot any and all possible tampering with...

Paper ballots? How quaint!.. The Floridian "poor", you see, were disproportionatly confused by them -- much easier to have them use computers, which even a retired librarian, overseing the voting station on election day, will be able fix and to spot any and all possible tampering with...

I find this to be an excellent point. I do not understand why anyone should choose electronic ballots. For me a computerized solution only works if actually provides some kind of improvement on the paper ballot system. And

Paper ballots? How quaint!.. The Floridian "poor", you see, were disproportionatly confused by them -- much easier to have them use computers, which even a retired librarian, overseing the voting station on election day, will be able fix and to spot any and all possible tampering with...

So, 1 the librarian can read code, and is able to tell when the code was altered? And two, the librarian gets to see how you vote?

You secure the electronic vote, you get a paper trail. Is that enough?No, you get what happened in Mexico, where the paper trail is not checked.Mexico, the ballots report at random, it is clear the encumbant is losing, at about 75%, a funny thing happens, ballots start coming in with huge swings to the encumbant and the challengers vote switched to a third party. The vote swings.

The election authority says its counted 98.5% of the vote but has only counted 92.5%.The challenger says '3 million votes are miss

What happened in Mexico was a lack of transparency. It was like the almost-rigged election on Battlestar Galactica last season.IF all parties had been allowed to watch each and every ballot each and every minute until the results were finalized, fraud would be much harder. IF the election judges rules that a meaningful, scientific, random statistical sample of the ballots be recounted under the watchful eye of all parties, gaming the recount would be much harder.

"In Thailand, IMHO if you legitimately elect a leader, and he makes decisions the population doesn't like but which are within his authority, you have only a few legitimate options: Use the legal process to take away the authority or dissolve the office altogether, use legal authority to force early elections, or wait until the next election."

In the angst of the 2000 election, the major alleged "breakdowns of democracy" occurred in jurisdictions where Democrats administered the elections.Every step since then to press for e-voting was initiated, fought for, and demagogued by Democrats.

When paper ballots were left behind at their urging, displacing rhetoric about "disenfranchisement" and the "intent of the voter", the Democrats did a 180 and made their pet e-voting the culprit, invented balderdash hokum about Diebold and spun it all as a conspira

I call Bullshit. First, in the relevant counties in Flordia, the election commisioner, Mrs. Harris was a Republican. Secondy e-voting machines by Diebold can be broken easily. This is a company that makes ATMs. They should be able to make secure machines, but they choose not to. Yeah, it's a conspiracy theory, but theory has facts behind it. As for disruption, the Republican allocation of voting booths in Ohio was very skewed. A evengelical collage had 1 machine for 100 people, while a bigger, more democra

The United States of America uses the "Australian Ballot" form of voting. That means everyone gets a secret ballot [wikipedia.org] and the ballots are counted publicly. It was then, as it remains now, the best design to accommodate our system of elections. Please understand this essential reality before suggesting "improvements" (e.g. receipts, mail ballots, etc.).

Someone in this thread is going to state that HAVA 2002 mandates the use of electronic voting machines (aka "DRE" or direct recording electronic). That is false, as thoroughly explained in Voters Unite's Myth Breakers [votersunite.org] document.

Someone in this thread will make some statement about how electronic voting devices permit the disabled to vote in private. That's not exactly true. To the best of my knowledge, the existing products do not preserve the secret ballot. Nor are they particularly accessible. Meanwhile, there are solutions which do preserve the secret ballot and are accessible to disabled voters. Such as ES&S's AutoMark, the Vote-PAD, and EqualiVote. (There are some other novel systems, too. I just haven't researched them yet.)

Someone in this thread is going to state that electronic voting is just splendid, and we can make it work, if we just try harder next time. Fine. Show me. Then let's talk. Meanwhile, all current systems suck.

Someone in this thread is going to suggest that we have all paper ballots counted manually. Like Canada. Or Germany. It's not a bad idea. But it wouldn't work in the USA with our current constraints and expectations. To contrast, in Canada, the races are very simple and so the tabulation is feasible. In Germany, they have proportional representation and rely on their superior form of exit polls. Meaning their system is very tolerant of errors. And they have legions of civil servants working weeks to get the exact manual tally. Whereas here in the USA, politicians and news networks demand results now, now, now!

Someone in this thread may suggest it's all about the Republicans. Or the Democrats. It hasn't proven that simple. I believe it's a fight between the people in power, who want to stay in power, and us voters. I'm a pretty progressive guy. But I readily acknowledge the bad guys (with respect to election integrity) here in King County Washington are in the Democratic leadership. (My experience is that the rank and file of both major parties are completely on board with election integrity.)

Someone in this thread may also suggest that we eliminate the need for electronic voting at poll sites by transistioning to forced mail voting (100% vote by mail). Like Oregon State has done and where most of Washington State is heading. It's terribly idea. No more secret ballot. No more public vote count. Higher error rate. Huge more expensive. Long-term decline in voter turnout. It's a big topic. We've been researching it for about 9 months and have only scratched the surface. We discuss

Someone in this thread will also exhort the necessity of using a voter verified paper audit trail. They may even encourage others to support Rush Holt's HR 550. Unfortunately, the VVPAT is a placebo. What guarantees what's recorded is what's printed? Nothing. And experiences to date demonstrate that actually auditing the VVPAT is infeasible (1h 15m per ballot cast). That said, the efforts of VerifiedVoting.org and other are not misguided. Many states already have electronic voting machines without the VVPAT. So passing HR 550 would be better than nothing.

The take away point is this:

The most reliable, secure way to vote in the USA today is to use voter-correctable precinct-based optical scanners. That means paper ballots at poll sites fed into a ballot scanner.

Please support Voter Action [voteraction.org]. They have successfully prevented the use and procurement of electronic voting machines in a few states already. They are expanding the fight as fast as they can

Someone in this thread is going to state that electronic voting is just splendid, and we can make it work, if we just try harder next time. Fine. Show me.You're on. Where voter-verified paper audit trails (VVPAT) exist and enough are randomly sampled and recounted to detect fraud, it can be a success. Show me otherwise.

Unfortunately, the VVPAT is a placebo. What guarantees what's recorded is what's printed? Nothing. And experiences to date demonstrate that actually auditing the VVPAT is infeasible (1h 15m

I'm assuming we are sampling the VVPAT, not the electronic count, as there's no point in sampling it.While it's true you can't get a sample that's properly weighted for age, gender, etc., you can get one that's random in each precinct, and you can further select additional preceincts either totally at random or weighted using historical data for 100% paper-ballot counts.

Here's how you do it:You pick the closest race to determine your minimum sample size to have an acceptable confidence interval. All you ca

And they have legions of civil servants working weeks to get the exact manual tally. Whereas here in the USA, politicians and news networks demand results now, now, now!

You don't need "legions of civil servants working weeks" to get manual tallies. You may want them to verify and officialize the tallies, but the counting can be started by election officials right after the booths close, in front of the public. Just get one person to record count and one to count ballots, put another pair to recount the s

Someone in this thread is going to suggest that we have all paper ballots counted manually. Like Canada. Or Germany. It's not a bad idea. But it wouldn't work in the USA with our current constraints and expectations.

Why not? When I voted on Saturday two weeks ago in Australia in a compulsory election at one of eight locations staffed by volunteers in an electorate with 13,000+ votes cast that day I didn't see any of the chaos descibed in the earlier article here where far less votes were handled - people d

To answer some of the points raised above about the differences - in Australia voting is compulsory for every adult and we have three levels of government (local/state/federal) and each has an election every three years without stictly fixed terms, so we end up with an average of one a year. Most ballots have one paper with a choice of canditates and their party marked on it - we can either put numbers in each box or just put a "1" in a single box. The Federal election has one ballot for the Senate with o

>Unfortunately, the VVPAT is a placebo. What guarantees what's recorded is what's printed? Nothing. And experiences to date demonstrate that actually auditing the VVPAT is infeasible

Well, you use random-sample audits to detect and deter attempts to program the machines to count one way and print another.

Coincidentally there's a letter to the editor in the current Forbes about this. In tests, voters don't verify the voter-verifiable paper artifact. One study showed 60% coming out unable to say what was on

"The most reliable, secure way to vote in the USA today is to use voter-correctable precinct-based optical scanners. That means paper ballots at poll sites fed into a ballot scanner.""Unfortunately, the VVPAT is a placebo. What guarantees what's recorded is what's printed? Nothing. And experiences to date demonstrate that actually auditing the VVPAT is infeasible (1h 15m per ballot cast)."

Actually, thalidomide [wikipedia.org] was one of the FDA's great successes...the drug was never approved in the US; most of the birth defects happened in Europe. It's one of the reason the FDA's drug approval process is so slow relative to other countries.

Of course, the image of an embedded crypto key or plaintext password in an e-voting system does not convey the same impact on the public as that of a thalidomide baby. Pictures of thalidomide babies caused heads to roll at the FDA,
It's worth noting that the FDA, and in particular, Frances Kathleen Oldham actually DID THEIR JOB, and did NOT approve thalidomide for sale in the U.S.
I remember my mom mentioning this. Being born in 1961, that could have been me flapping around.
Not to worry, that level of saf

If anyone missed the article by Robert F. Kennedy Jr. in Rolling Stone, "Was the 2004 Election Stolen?", I'd suggest reading it. There are a few [well cited] examples of e-voting sucking the big one and/or how the machines were manipulated.
http://politics.slashdot.org/article.pl?sid=06/09/ 17/1845248 [slashdot.org]

I recently had a discussion with a friend about this whole Diebold mess, and how the public just has no clue about the vulnerabilities. I'm beginning to feel that an election version of "9/11" is the only way to do it. Have a bunch of operatives volunteer to work an election in some district and then, on election day, have the machines report twice as many votes as there are registered voters... and have them all be for the Green party or something. Until then, the sheeple will think that it's all ivory-tower theoretical stuff. They need to be shown that a real election can really be stolen.

Of course, this will mean jail time for the perps, but I have two things to say about that. 1) Some would consider that a small price to pay for preserving democracy. 2) You might be able to get a light sentence if you mailed, before the election, some letters (saying "Do not open until after the election" on them) to several news agencies declaring that you are going to rig the election in order to expose the dangers to our democracy.

Statistically impossible results did occur last election, but they occured for repulicans, in a state with republican governors on machines made by companies that donate money to republicans. Recounts were shouted down by astroturfing groups supported by republicans.

Strangely the republican friendly media didn't think this was important.

eVoting was a bad idea all right, but it's far from the only problem we have. We have very weak systems to assure that the person voting isn't committing fraud, regardless of the voting method being used. For example, here in California, it's explicitly forbidden to ask the person for a photo ID. I can walk up to a poll, say I'm Mr. So-and-so living at address blah blah, and even if the poll worker knows me to be someone else, s/he can't make me prove my identity. While we should be concerned about fraud be

It is not that secure electronic voting is inherently unattainable. Rather, nearly all of the commercial solutions that have shipped to date have not been adequate designed with security in mind. This is due to many factors, some of which are that the makers of these devices do not completely understand the security risks and countermeasures, in addition to public officials who are far too trusting of these commercial e-voting vendors.

The people in government are choosing the machines based on their hackaba

Another source of info about e-voting problems is BlackBoxVoting.org [blackboxvoting.org]. They have a free pdf book on their webpage. A couple of years ago I skimmed through a few chapters of it. Starting on chapter 9 [blackboxvoting.org] they talk about accidentally finding an unsecured FTP server and downloading 40,000 files, including the sofware for the Diebold voting machines such as BallotStation.exe, GEMS.exe, and VCProgrammer.exe. They discovered that Diebold's secret proprietary software had various unacceptable security problems. It

Yes, election fraud is a real concern.
The big, big problem with e-voting is that it makes it much easier to do on a large scale basis.
Some dumb NASCAR mom from South Carolina who has worked a lot of elections can likely detect a voting booth that has been tampered with.
But do you think she can detect the that the e-voting machine does not have the latest mircosoft patches? Or the C code is full of bugs?

It's a bit off-topic since it talks about what happens BEFORE you mark your ballot, but still very insightful.Voter intimidation and gerrymandering have been with us since the beginning of the Republic. Voter intimidation, at least on a small or individual scale, will probably never end. I do have some hope for the end of politically-motivated district lines, but only if the people rise up and demand it.

What we can do is get rid of large-scale barriers to voting, such as inadequate polling places, registr

It is more sensible in some cases to take a small amount of damage in preference to having none for a time but paying for it in the long run by losing the very means of fighting [is the advice given in Holland by Dr Briejer in his capacity as director of the Plant Protection Service]. Practical advice should be "Spray as little as you possibly can" rather than "Spray to the limit of you